Dear all,

I am pleased to announce the release of djehuty v25.3. The March release of 2025 consists of 57 commits made by 2 authors.

This release contains various bugfixes, minor UI revisions, minor feature updates, and contains the foundation for an extra security layer to prevent cross-site scripting vulnerabilities.

The release date slipped a couple of days because yours truly wanted to give last-minute changes a little bit of time to make sure no regressions occurred before formalizing the release.

New features - Implement API endpoints for reviewers (1de7f6808, 038e931b9, 2f5963553). - Report number of search results in the /v2/articles/search endpoint. (a8917a837). - Add 'SoftwareSourceCode' to RO-Crate output (79cf0b32a).

UI revisions - Revise the “Cite” and “Collect” buttons on landing pages (b0b9dbd1f). - Remove the need for a “save URL” button in the dataset metadata form (a853085c9). - Revise the versions drop-down menu on landing pages (e5b89ce23). - Fix tile scaling on the main page for different zoom levels (7a30bfa47).

Security - Addressed a Cross-Site-Scripting vulnerability in the search functionality (40b12a559). - Only display e-mail address of authors to the creators of such records. (05a56fa18).

Bugfixes - Fix author ordering for collections. (244017a01). - Fix bug in cached responses in the IIIF Image API implementation (88d68c787). - Fix bug with proportional scaling in the IIIF Image API implementation (05d5c7a85). - Fix various bugs with rendering HTML entities and tags. (d3667ed8b, 3b19d7de8, 08e4fc77a, 3a1f3dde5). - Avoid a divide-by-zero situation with quota usage calculation (cefde15dd). - Fix creating datasets with repeated fields using the v2 API (74fe025db, 87127c1f8). - Fix setting default fields when creating a dataset using the API (7f183389d). - Fix returning Git statistics for empty Git repositories (be3630a63, 2cffe955a, c3227a768).

Technical debt - Work towards a stricter Content-Security-Policy by avoiding inline use of style attributes, script elements, and event handlers (b862fdf3d, 18b3bbe3e, f08542ecb, 1c248a1e2, 99cf348f8, 7524bbbd2, 4d6696335). - Avoid hard-coded versions in the documentation for the RPM download links (21be87dc0). - Avoid repetitive text in the documentation by using macros (088f8a13c, f3dc9c8cd). - Build Docker images with C development libraries to work around “xmlsec” build issues. (2c03cb3cb).

Kind regards, Roel Janssen

Senior Software Engineer at 4TU.ResearchData.